WEKO3
アイテム
{"_buckets": {"deposit": "22d0d9e1-6ffb-4b84-8458-788d7e642deb"}, "_deposit": {"created_by": 3, "id": "3459", "owners": [3], "pid": {"revision_id": 0, "type": "depid", "value": "3459"}, "status": "published"}, "_oai": {"id": "oai:nitech.repo.nii.ac.jp:00003459", "sets": ["31"]}, "author_link": ["8514", "9195", "9194", "9192", "8515", "9193", "9191"], "item_5_biblio_info_5": {"attribute_name": "書誌情報", "attribute_value_mlt": [{"bibliographicIssueDates": {"bibliographicIssueDate": "2010-12-11", "bibliographicIssueDateType": "Issued"}, "bibliographicPageEnd": "554", "bibliographicPageStart": "548", "bibliographic_titles": [{"bibliographic_title": "The Sixth IEEE/IFIP International Symposium on Trusted Computing and Communications(TRUSTCOM2010)"}]}]}, "item_5_description_16": {"attribute_name": "フォーマット", "attribute_value_mlt": [{"subitem_description": "application/pdf", "subitem_description_type": "Other"}]}, "item_5_description_4": {"attribute_name": "内容記述", "attribute_value_mlt": [{"subitem_description": "Anomaly-based Intrusion Prevention Systems have been studied to prevent zero-day attacks. However these existing systems can\u0027t prevent mimicry attacks because of the inadequacy of monitoring accuracy. Moreover, they provide no continuity for monitored applications when they have been compromised. In this paper, we propose a novel Intrusion Prevention System named Belem that detects anomaly states by checking the ordering of library functions and has a Continuing Execution Mechanism to provide application continuity. We implemented Belem on Linux and evaluated it.", "subitem_description_type": "Other"}]}, "item_5_full_name_3": {"attribute_name": "著者別名", "attribute_value_mlt": [{"nameIdentifiers": [{"nameIdentifier": "8514", "nameIdentifierScheme": "WEKO"}, {"nameIdentifier": "1000070304186 ", "nameIdentifierScheme": "NRID", "nameIdentifierURI": "http://rns.nii.ac.jp/nr/1000070304186 "}], "names": [{"name": "齋藤, 彰一"}]}, {"nameIdentifiers": [{"nameIdentifier": "8515", "nameIdentifierScheme": "WEKO"}, {"nameIdentifier": "1000000219396 ", "nameIdentifierScheme": "NRID", "nameIdentifierURI": "http://rns.nii.ac.jp/nr/1000000219396 "}], "names": [{"name": "松尾, 啓志"}]}]}, "item_5_publisher_6": {"attribute_name": "出版者", "attribute_value_mlt": [{"subitem_publisher": "Institute of Electrical and Electronics Engineers"}]}, "item_5_relation_10": {"attribute_name": "DOI", "attribute_value_mlt": [{"subitem_relation_name": [{"subitem_relation_name_text": "10.1109/EUC.2010.89"}], "subitem_relation_type": "isVersionOf", "subitem_relation_type_id": {"subitem_relation_type_id_text": "http://dx.doi.org/10.1109/EUC.2010.89", "subitem_relation_type_select": "DOI"}}]}, "item_5_text_14": {"attribute_name": "comment.local", "attribute_value_mlt": [{"subitem_text_value": "The Eighth IEEE/IFIP International Conference on Embedded and Ubiquitous Computing (EUC-10)"}]}, "item_5_version_type_13": {"attribute_name": "著者版フラグ", "attribute_value_mlt": [{"subitem_version_resource": "http://purl.org/coar/version/c_ab4af688f83e57aa", "subitem_version_type": "AM"}]}, "item_creator": {"attribute_name": "著者", "attribute_type": "creator", "attribute_value_mlt": [{"creatorNames": [{"creatorName": "Kato, Yudai", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "9191", "nameIdentifierScheme": "WEKO"}]}, {"creatorNames": [{"creatorName": "Makimoto, Yuji", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "9192", "nameIdentifierScheme": "WEKO"}]}, {"creatorNames": [{"creatorName": "Shirai, Hironori", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "9193", "nameIdentifierScheme": "WEKO"}]}, {"creatorNames": [{"creatorName": "Shimizu, Hiromi", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "9194", "nameIdentifierScheme": "WEKO"}]}, {"creatorNames": [{"creatorName": "Furuya, Yusuke", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "9195", "nameIdentifierScheme": "WEKO"}]}, {"creatorNames": [{"creatorName": "Saito, Shoichi", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "8514", "nameIdentifierScheme": "WEKO"}, {"nameIdentifier": "1000070304186 ", "nameIdentifierScheme": "NRID", "nameIdentifierURI": "http://rns.nii.ac.jp/nr/1000070304186 "}]}, {"creatorNames": [{"creatorName": "Matsuo, Hiroshi", "creatorNameLang": "en"}], "nameIdentifiers": [{"nameIdentifier": "8515", "nameIdentifierScheme": "WEKO"}, {"nameIdentifier": "1000000219396 ", "nameIdentifierScheme": "NRID", "nameIdentifierURI": "http://rns.nii.ac.jp/nr/1000000219396 "}]}]}, "item_files": {"attribute_name": "ファイル情報", "attribute_type": "file", "attribute_value_mlt": [{"accessrole": "open_date", "date": [{"dateType": "Available", "dateValue": "2017-01-17"}], "displaytype": "detail", "download_preview_message": "", "file_order": 0, "filename": "saito_2010_trustcom_1.pdf", "filesize": [{"value": "358.2 kB"}], "format": "application/pdf", "future_date_message": "", "is_thumbnail": false, "licensefree": "c2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.", "licensetype": "license_free", "mimetype": "application/pdf", "size": 358200.0, "url": {"label": "本文_fulltext", "url": "https://nitech.repo.nii.ac.jp/record/3459/files/saito_2010_trustcom_1.pdf"}, "version_id": "905c6b45-993b-4e80-bf39-21fbbf26ce1a"}]}, "item_language": {"attribute_name": "言語", "attribute_value_mlt": [{"subitem_language": "eng"}]}, "item_resource_type": {"attribute_name": "資源タイプ", "attribute_value_mlt": [{"resourcetype": "conference paper", "resourceuri": "http://purl.org/coar/resource_type/c_5794"}]}, "item_title": "Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism", "item_titles": {"attribute_name": "タイトル", "attribute_value_mlt": [{"subitem_title": "Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism", "subitem_title_language": "en"}]}, "item_type_id": "5", "owner": "3", "path": ["31"], "permalink_uri": "https://nitech.repo.nii.ac.jp/records/3459", "pubdate": {"attribute_name": "公開日", "attribute_value": "2013-06-25"}, "publish_date": "2013-06-25", "publish_status": "0", "recid": "3459", "relation": {}, "relation_version_is_last": true, "title": ["Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism"], "weko_shared_id": 3}
Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism
https://nitech.repo.nii.ac.jp/records/3459
https://nitech.repo.nii.ac.jp/records/34598199ec8e-cd8e-4956-a7d8-560eb464603b
名前 / ファイル | ライセンス | アクション |
---|---|---|
本文_fulltext (358.2 kB)
|
c2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
|
Item type | 会議発表論文 / Conference Paper(1) | |||||
---|---|---|---|---|---|---|
公開日 | 2013-06-25 | |||||
タイトル | ||||||
言語 | en | |||||
タイトル | Monitoring Library Function-based Intrusion Prevention System with Continuing Execution Mechanism | |||||
言語 | ||||||
言語 | eng | |||||
資源タイプ | ||||||
資源タイプ識別子 | http://purl.org/coar/resource_type/c_5794 | |||||
資源タイプ | conference paper | |||||
著者 |
Kato, Yudai
× Kato, Yudai× Makimoto, Yuji× Shirai, Hironori× Shimizu, Hiromi× Furuya, Yusuke× Saito, Shoichi× Matsuo, Hiroshi |
|||||
著者別名 | ||||||
姓名 | 齋藤, 彰一 | |||||
著者別名 | ||||||
姓名 | 松尾, 啓志 | |||||
書誌情報 |
The Sixth IEEE/IFIP International Symposium on Trusted Computing and Communications(TRUSTCOM2010) p. 548-554, 発行日 2010-12-11 |
|||||
出版者 | ||||||
出版者 | Institute of Electrical and Electronics Engineers | |||||
著者版フラグ | ||||||
出版タイプ | AM | |||||
出版タイプResource | http://purl.org/coar/version/c_ab4af688f83e57aa | |||||
DOI | ||||||
関連タイプ | isVersionOf | |||||
識別子タイプ | DOI | |||||
関連識別子 | http://dx.doi.org/10.1109/EUC.2010.89 | |||||
関連名称 | 10.1109/EUC.2010.89 | |||||
内容記述 | ||||||
内容記述タイプ | Other | |||||
内容記述 | Anomaly-based Intrusion Prevention Systems have been studied to prevent zero-day attacks. However these existing systems can't prevent mimicry attacks because of the inadequacy of monitoring accuracy. Moreover, they provide no continuity for monitored applications when they have been compromised. In this paper, we propose a novel Intrusion Prevention System named Belem that detects anomaly states by checking the ordering of library functions and has a Continuing Execution Mechanism to provide application continuity. We implemented Belem on Linux and evaluated it. | |||||
フォーマット | ||||||
内容記述タイプ | Other | |||||
内容記述 | application/pdf |